Using Tor does not ensure your anonymity, there are many many ways that you can be de-anonymised. You will always leave footprints. If you do leave a footprint in error then your job is to try to make them “65 million year old hard to find fossilised dinosaur” footprints and not “freshly pressed custom-made initialled Nike” footprints.
There are all sorts of “novel attack vectors” that can be used to identify Tor users. Developing a counter-surveillance and anonymity mindset while following disciplined behavioural habits combined with the correct installation and isolation of your Tor presence will avoid 99% of the ways that Tor users have their identities exposed.
Try to eliminate the most blatantly obvious technical and non-technical behaviours that will compromise the integrity of your anonymous identity online. Use Tor consistently:
- Don’t use Tor at home, in your hotel room, at your favourite coffee house;
- Watch out for & monitor for DNS leaks;
- Don’t be the only person using Tor on a monitored network at a given time;
- Use a bridge;
- Leave encrypted laptops in a powered down state when not in use;
- Don’t use the same or similar usernames and passwords as your real life online identity;
- Don’t mix normal internet usage with Tor usage (correlation attack opportunities);
- Don’t talk about the local weather, events, news when using your Tor identity;
- Avoid expressions of personal preferences – movies, music, cars, sports;
- Don’t maintain a whitelisted website list for java scripting;
- Don’t use browser add-ons that can coerce your real IP address from your browser;
More later … Ciao!